<?php 
//Config

$SQLHOST = "localhost"; //Address of LOGON database.
$SQLUSER = "root"; //MySQL user.
$SQLPASS = ""; //MySQL password.
$SQLDATA = "ascent"; //LOGON database.

//End Config

session_start(); 
if($_GET['mode']=="captcha")
{
	$im = imagecreate(80,20);
	$white = imagecolorallocate($im,255,255,255);
	$black = imagecolorallocate($im,0,0,0);
	$chars = "ABCDEFGHIJKLMNPQRSTUVWXYZ123456789";
	$offset = rand(0,2);
	$curl = rand(8,12);
	imagefill($im,0,0,$white);
	for($i = 0;$i<6;$i++) { $string.=substr($chars,rand(0,strlen($chars)-1),1); }
	$_SESSION['createaccount']['captcha']=$string;
	imagestring($im,5,rand(3,6),1,$string,$black);
	for($i = 0;$i<10;$i++) { imageline($im,0,($i*$curl)+$offset,80,($i*3)+$offset,$black); }
	header("Content-type: image/png \r\n");
	imagepng($im);
	imagedestroy($im);
	die;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Account Creation</title>
</head>
<?php
	if($_POST['do']=="create")
	{
		$Connection = mysql_connect($SQLHOST,$SQLUSER,$SQLPASS);
		mysql_select_db($SQLDATA,$Connection);
		$Username = mysql_real_escape_string($_POST['username']);
		$Password = mysql_real_escape_string($_POST['password']);
		$Email = mysql_real_escape_string($_POST['email']);
		$Bc = mysql_real_escape_string($_POST['bc']);
		$Captcha = mysql_real_escape_string($_POST['captcha']);
		
		//Validate username. Contains 4-12 nums and chars. Make sure it is not in use already.
		if(!eregi("^[a-zA-Z0-9]{4,12}$",$Username)) { $Error.="<li>Username must consist of 4-12 letters or numbers.</li>"; }
		if(mysql_num_rows(mysql_query("SELECT * FROM accounts WHERE login='$Username';"))!=0) { $Error.="<li>That account name already exists.</li>"; }
		//Validate password. Contains 4-12 letters.
		if(!eregi("^.{4,12}$",$Password)) { $Error.="<li>Password must be between 4-12 characters long.</li>"; }
		//Validate email. This one's a biggie.
		if(!eregi("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$",$Email)) { $Error.="<li>You must specify a valid email address.</li>"; }
		//Validate captcha code.
		if(strtolower($Captcha)!=strtolower($_SESSION['createaccount']['captcha']) || $_SESSION['createaccount']['captcha']==NULL) { $Error.="<li>The code you entered was incorrect.</li>"; }
		unset($_SESSION['createaccount']['captcha']);
		//Create account if we don't error.
		if($Error==NULL)
		{
			mysql_query("INSERT INTO accounts (login,password,lastip,email,flags) VALUES ('$Username','$Password','{$_SERVER['REMOTE_ADDR']}','$Email','$Bc');");
			?>
			<b>Congratulations!</b><br />
			Your account has successfuly been created! You will be able to log in within the next 10 minutes.
			<?php
		}
		else
		{
			?>
			<b>Error</b><br />
			Sorry, your account could not be created due to the following reasons:<br />
			<ul>
				<?php echo $Error; ?>
			</ul>
			<?php
		}
	}
	else
	{
		?>
		<form method="post">
			<input type="hidden" name="do" value="create" />
			<table width="310" border="0" cellspacing="5px">
				<tr>
					<td width="129">Username:</td>
					<td width="162"><input type="text" name="username" size="24" maxlength="12" /></td>
				</tr>
				<tr>
					<td>Password:</td>
					<td><input type="text" name="password" size="24" maxlength="12" /></td>
				</tr>
				<tr>
					<td>Email:</td>
					<td><input type="text" name="email" size="24" maxlength="32" /></td>
				</tr>
				<tr>
					<td>Burning Crusade:</td>
					<td><input type="checkbox" value="8" name="bc" checked="checked" /></td>
				</tr>
				<tr>
					<td>Security Code:</td>
					<td><img src="?mode=captcha" /></td>
				</tr>
				<tr>
					<td></td>
					<td><input type="text" name="captcha" size="8" maxlength="6" /></td>
				</tr>
				<tr>
					<td></td>
					<td><input type="submit" value="Create!"/></td>
				</tr>
</table>
		<?php
	}
?>